Our experts will provide the following comprehensive IS audit areas:
Business process analysis
Carried out to determine the company's value chains involved information and technical resources, as well as the divisions of the company. This information will be used to contact the identified risks to information security business risk.
IT infrastructure analysis
Carried out to identify technical vulnerabilities in the architecture of the IT infrastructure, as well as in the configurations of the components of the IT infrastructure, analysis of internal and external fraud potential channels.
Conducting penetration tests
Modeling potential attacks on selected information assets of the company.
Analysis of information security management processes
Carried out either in accordance with the requirements of the ISO / IEC 27001: 2013 standard, or on the basis of an abbreviated list of processes taking into account the best practices of the ISO / IEC 27001: 2013 standard, as well as Cobit and ITIL.
Assessment of information security risks affecting business risks
Analysis of the identified risks impact on the company's business, development of a final report, description of recommendations.